Oracle Apparently Has Been Pwned And Extortion Emails Have Gone Out To Execs Of Companies Using E-Business Suite

Posted in Commentary with tags on October 3, 2025 by itnerd

There’s a newly reported extortion campaign, where hackers claim to have stolen sensitive data through Oracle’s E-Business Suite and are now targeting executives directly:

According to Google Threat Intelligence Group (GTIG) and Mandiant, the malicious activity allegedly targeting Oracle EBS appears to have started on or around September 29. The attackers have sent extortion emails to executives at “numerous” companies, claiming to be affiliated with the notorious Cl0p cybercrime group.

GTIG and Mandiant researchers have described the attacks as a high-volume email campaign leveraging hundreds of compromised accounts, including ones previously linked to a profit-driven threat group named FIN11. This long-running cybercrime gang is known to engage in ransomware deployment and extortion.

The researchers also found some evidence indicating a connection to Cl0p. Specifically, the contact information provided by the attackers in the emails sent to targeted organizations matches contact addresses listed on the Cl0p leak website.

Mandiant and GTIG said they are in the early stages of their investigations and could not confirm whether the hackers’ claims are substantiated. 

Dr. Chris Pierson, a former DHS cybersecurity official and CEO/founder of BlackCloak, a digital executive protection firm had this to say:

     “Extortion attempts like this highlight the reality that executives are increasingly being singled out as the soft underbelly of the corporation for cybercriminals. Cybercriminals recognize that targeting the C-suite creates urgency, exposes them to high risk, and instills fear that can lead to other issues. The challenge for organizations is twofold: hardening the systems that store the most sensitive corporate data, and ensuring executives are prepared with the right playbook when extortion attempts land in their inbox. Third-party vendor risks will continue to be a favorite target of cybercriminals, and we’ve seen a marked increase in these systems being targeted because they yield information on not one company, but hundreds or thousands of companies. The companies that come out ahead are those that treat digital executive protection as part of their overall cybersecurity posture rather than an afterthought.”

Oracle said via a blog post that it believes the threat actors exploited vulnerabilities patched in the July 2025 security updates, but it has said nothing more than that. That silence likely means this is going to be very, very bad. Oracle looks like it has some explaining to do.

Deepgram Launches Flux – The World’s First Conversational Speech Recognition Model 

Posted in Commentary with tags on October 2, 2025 by itnerd

Deepgram, the world’s most realistic and real-time Voice AI platform, today announced from VapiCon 2025 the launch of Flux, the world’s first conversational speech recognition (CSR) model designed specifically for real-time voice agents. Unlike traditional automatic speech recognition (ASR), which was built for passive transcription use cases like captions or meeting notes, Flux is trained to understand the nuances of dialogue. It doesn’t just capture what was said. It knows when a speaker has finished, when to respond, and how to keep the flow of conversation natural and engaging.

The global voice AI agents market is projected to reach nearly $47.5 billion by 2034, growing at a compound annual rate of about 34.8%. This growth is primarily due to the enterprise shift toward automated customer self-service, smarter agent assist tools, and embedded conversational experiences across industries. But traditional STT systems weren’t designed to participate in live dialogue. To recreate conversational flow, developers have been forced to piece together transcription, voice activity detection, and turn-taking logic — a patchwork that leads to latency, errors, and frustrating user experiences.

Flux eliminates these problems by embedding turn-taking directly into recognition. It transforms speech recognition from a passive recorder into an active conversational partner. This provides developers with the tools to build responsive, human-like voice agents without the complexity of workaround code or endless threshold tuning.

What Flux Delivers:

  • Embedded turn-taking intelligence – Conversation-aware recognition that handles timing inside the model itself, with context-aware turn detection and native barge-in handling for fluid exchanges.
  • Lightning-fast performance – Ultra-low latency where it matters most with ~260ms end-of-turn detection, plus distinct events to support eager response generation before a turn is complete.
  • Simpler development – Turn-complete transcripts and structured conversational cues replace fragile client-side logic, so teams can ship production-ready agents in weeks, not months.
  • Enterprise-ready scalability – Nova-3 level accuracy, GPU-efficient concurrency with 100+ streams per GPU, and predictable costs that avoid the hidden overhead of bolted-on systems.

Who It’s For: 

  • Voice AI builders – Developers, engineering leads, and AI teams creating real-time agents.
  • Enterprise innovators – Leaders modernizing customer experience with agent assist and conversational AI platforms.
  • Ecosystem partners – Platform providers, consultancies, and cloud architects looking to integrate CSR into larger AI stacks.

Flux is generally available (GA) today. Developers can start building with CSR immediately.

To celebrate the launch, Deepgram is announcing OktoberTalk – making Flux FREE to use for the entire month of October. Developers can use Flux to build and test real-time voice agents at no cost, with support for up to 50 concurrent connections. The goal: remove every barrier to experimentation so teams can experience how conversational speech recognition changes what’s possible in voice AI. 

Comparitech Research: Q3 Ransomware Roundup

Posted in Commentary with tags on October 2, 2025 by itnerd

Today, Comparitech researchers published a ransomware roundup for the third quarter of 2025. So far this year, there have been a total of 5,186 tracked ransomware attacks. This is a 36% increase from the same period of time in 2024. 

Q3 of 2025 also saw a 6% increase in attacks from Q2 of 2025—rising from 1,434 to 1,517. 

The study takes a look at the most prolific ransomware strains, as well as at ransomware attacks by sector, finding that year over year, attacks on government and healthcare organizations have decreased, while attacks against the education sector remained similar. 

The full study can be found here at this link: https://www.comparitech.com/news/ransomware-roundup-q3-2025/

Lifeprint app on iOS and Android leaked 2 million private photos: Cybernews

Posted in Commentary with tags on October 2, 2025 by itnerd

The latest Cybernews research team findings show that Lifeprint, a portable photo printer for iPhone and Android, spilled millions of private photos onto the open internet.

Any internet user could have accessed over 8 million files, including 2 million unique photos, exported user data in JSON and CSV formats, and lists of usernames, email addresses, and printing stats for more than 100,000 users.

Key research takeaways: 

  • The leak was caused by a misconfigured bucket that lacked authentication.
  • According to the stored metadata, these users printed 1.6 million photos together.
  • The research team also found that the public cloud bucket contained multiple versions of the printer’s firmware. Buried inside the files was a private encryption key, left in plain text, which appeared to be used to sign the firmware.

Possible threats

Lifeprint users face multiple risks, such as identity exposure through leaked personal information. Leaked photos can often be intimate, exposing the user’s private life to anyone on the internet. Also, the leaked personal information could be used in identity theft, harassment, and doxxing attacks.

Also, affected users are in theoretical danger of malicious firmware taking over their devices. Cybernews contacted the company, but no response was received.

To read the full research, please click here.

Amazon Canada Prime Deals from Anker Innovations

Posted in Commentary with tags on October 2, 2025 by itnerd

Below is a curated selection of top offers from Anker Innovations — covering must-haves in charging gear, home-tech, audio, and portable entertainment. Deals span up to 48% off across brands including Anker, eufy, Soundcore, and Nebula, with standout savings on power banks, smart vacuums, projectors, wearables, and more.

Anker | Charging Essentials & Power Solutions

Portable Power Banks:

Anker Power Bank (25K, 165W, Built-In and Retractable Cables), $129.99 (23.5% off), regular $169.99

Anker Nano Power Bank (5K, MagGo, Slim), $54.99 (21% off), regular $69.99. Available in black and white. 

Power Chargers:

Anker Nano Travel Adapter, 5-Port Power Adapter, $31.99 (20% off), regular $39.99. Available in black and white.

Anker Nano 45W Type C Charger Fast Charging, $34.29 (30% off), regular $48.99. 

eufy Appliances

Robot Vacuums 

X10 Black, $699.99 (46% off), regular $1,299.99

E25, $849.99 (40% off), regular $1,399.99

Breast Pump:

eufy Wearable Breast Pump S1, $199.99 (25% off), regular $269.99

Security Camera Systems

SoloCam S340, $199.99 (39% off), regular $259.99

eufyCam S3 Pro, $769.99 (30% off), regular $1,099.99

SoloCam E42, $639.99 (20% off), regular $799.99

Soundcore

Personal Audio 

AeroClip, $129.99 (27% off), regular $179.99. Available in Midnight, Blue, Champagne Mist, Rosy Brown 

AeroFit 2, $79.98 (38% off), regular $129.99. Available in Black, Blue, Minty Green, White.

Liberty 5, $109.99 (21% off), regular $139.99. Available in black, blue, white or pink.

Space One, $99.99 (23% off), regular $129.99. Available in Jet Black, Latte Cream, Pink, Sky Blue.

Soundcore Boom 3i Outdoor Speaker, $129.99 (32% off), regular $189.99. Available in black, blue, and green.

Nebula 

Portable Projectors

NEBULA Capsule 3 Laser Projector, $699.99 (36% off), regular $1,099.99

A Severe Red Hat Privilege Escalation Flaw Is Out There

Posted in Commentary with tags on October 1, 2025 by itnerd

A severe privilege escalation flaw (CVE-2025-10725, CVSS 9.9) has been disclosed in Red Hat’s OpenShift AI service, which manages the lifecycle of predictive and generative AI models across hybrid cloud environments. The vulnerability allows a low-privileged, authenticated user—such as a data scientist using a Jupyter notebook—to escalate privileges to full cluster administrator. This could enable an attacker to exfiltrate data, disrupt services, and take control of the infrastructure, leading to complete compromise. Red Hat classified the issue as “Important” rather than “Critical” due to the requirement of authenticated access, but acknowledged that it exposes all cluster confidentiality, integrity, and availability. The company advises restricting permissions for system-level groups and applying least-privilege principles for job creation.

You can read the Red Hat advisory here: https://access.redhat.com/security/cve/cve-2025-10725
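The advisory’s mitigation (restrict what system-level groups may do, and apply least privilege to job creation) can be turned into a routine check. The script below is an added example, not code from Red Hat, OpenShift AI, or this post: it audits ClusterRoleBindings for Kubernetes built-in groups that have been granted the ability to create workloads. The sample RBAC objects are constructed for illustration and only mirror the item layout that `kubectl get clusterroles,clusterrolebindings -o json` produces; they are not the objects involved in CVE-2025-10725.

```python
"""Audit cluster RBAC for over-broad grants to Kubernetes system groups.

Added example, not code from Red Hat, OpenShift AI, or the blog post. It
checks the mitigation the advisory text recommends: flag any
ClusterRoleBinding that hands a system-level group (one every user, or every
authenticated user, belongs to automatically) the ability to create workloads
such as Jobs. Sample objects below are constructed for illustration.
"""
import json

# Groups Kubernetes assigns implicitly; no user can be "removed" from them.
SYSTEM_GROUPS = {"system:authenticated", "system:unauthenticated",
                 "system:serviceaccounts"}
# Creating any of these lets a subject run code inside the cluster.
WORKLOAD_RESOURCES = {"jobs", "cronjobs", "pods", "deployments", "*"}
WORKLOAD_VERBS = {"create", "*"}


def index_roles(roles):
    """Map ClusterRole name -> its rules, for lookup from a binding's roleRef."""
    return {r["metadata"]["name"]: r.get("rules", []) for r in roles}


def audit_bindings(bindings, roles):
    """Return one finding per (binding, system group, rule) that grants
    workload creation. Each finding is a dict so callers can format it."""
    by_name = index_roles(roles)
    findings = []
    for binding in bindings:
        ref = binding["roleRef"]
        if ref.get("kind") != "ClusterRole":
            continue  # namespaced Roles are audited per namespace, not here
        sys_groups = [s["name"] for s in binding.get("subjects", [])
                      if s.get("kind") == "Group" and s["name"] in SYSTEM_GROUPS]
        if not sys_groups:
            continue
        for rule in by_name.get(ref["name"], []):
            verbs = set(rule.get("verbs", []))
            resources = set(rule.get("resources", []))
            if verbs & WORKLOAD_VERBS and resources & WORKLOAD_RESOURCES:
                for group in sys_groups:
                    findings.append({
                        "binding": binding["metadata"]["name"],
                        "group": group,
                        "role": ref["name"],
                        "resources": sorted(resources & WORKLOAD_RESOURCES),
                    })
    return findings


# Constructed sample: a benign read-only grant to everyone, an over-broad grant
# that least privilege for job creation would reject, and an admin binding to
# a named team group (not a system group, so out of scope for this check).
SAMPLE_ROLES = json.loads("""[
 {"kind":"ClusterRole","metadata":{"name":"view-only"},
  "rules":[{"apiGroups":[""],"resources":["pods"],"verbs":["get","list"]}]},
 {"kind":"ClusterRole","metadata":{"name":"batch-job-user"},
  "rules":[{"apiGroups":["batch"],"resources":["jobs"],
            "verbs":["create","get","list"]}]},
 {"kind":"ClusterRole","metadata":{"name":"cluster-admin"},
  "rules":[{"apiGroups":["*"],"resources":["*"],"verbs":["*"]}]}
]""")
SAMPLE_BINDINGS = json.loads("""[
 {"kind":"ClusterRoleBinding","metadata":{"name":"everyone-can-view"},
  "roleRef":{"kind":"ClusterRole","name":"view-only"},
  "subjects":[{"kind":"Group","name":"system:authenticated"}]},
 {"kind":"ClusterRoleBinding","metadata":{"name":"everyone-can-run-jobs"},
  "roleRef":{"kind":"ClusterRole","name":"batch-job-user"},
  "subjects":[{"kind":"Group","name":"system:authenticated"}]},
 {"kind":"ClusterRoleBinding","metadata":{"name":"ops-admins"},
  "roleRef":{"kind":"ClusterRole","name":"cluster-admin"},
  "subjects":[{"kind":"Group","name":"ops-admins"}]}
]""")


if __name__ == "__main__":
    for f in audit_bindings(SAMPLE_BINDINGS, SAMPLE_ROLES):
        print(f"{f['binding']}: {f['group']} may create {f['resources']} "
              f"via ClusterRole {f['role']}")
```

Against a live cluster, feed the `items` arrays from the two `kubectl ... -o json` calls into `audit_bindings` and treat every finding as a binding to review, since a data scientist with notebook access is a member of `system:authenticated` like everyone else.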

Gunter Ollmann, CTO, Cobalt had this to say:

     “AI platforms are rapidly becoming high-value targets because they combine sensitive data, critical infrastructure, and powerful compute in one place. This vulnerability shows how even a low-privileged role can become a launchpad for full control of an AI environment if privilege boundaries aren’t enforced. While authenticated access may sound like a barrier, in real-world environments credentials are often shared, phished, or exposed through weak operational practices. Organizations adopting AI at scale must treat these systems with the same rigor as any mission-critical infrastructure—least privilege, continuous testing, and proactive detection. Otherwise, the promise of AI becomes paired with a massive, underappreciated attack surface.”

Wade Ellery, Chief Evangelist and IAM Strategy Officer, Radiant Logic adds this:

     “In today’s cyber-criminal world, account compromise is table stakes. The idiom now is that an attacker only needs to log in to the network now to gain access. Phishing, token hijacking, iFrame overflow, credential stuffing, have shown to be very effective in dozens of recent successful breaches. The working assumption is that the network is already breached and that there are already compromised accounts at risk. Relying on a failed layer of protection to downgrade an account escalation to full privileges from Critical to Important may well underserve the community. This breach and the reaction to it reinforces the need for a second layer of protection reinforcing authentication at the authorization layer. Identity Observability actively monitors, alerts, and remediates threats from compromised accounts by recognizing anomalous behavior, policy violations, and out-of-band access escalations. The old walls have fallen, it is time to build an effective layer of defense at the identity observability layer. 

AI platforms amplify the risks we already face with identity and privilege management. When a standard user can escalate to cluster administrator, it shows how fragile role boundaries can be without proper observability and enforcement. These environments are only as secure as their ability to monitor who has access, how that access is being used, and when privilege escalation occurs. Building AI securely means applying Zero Trust to every identity—human and machine alike—so no single credential or role can become the key to the entire system. Without that visibility, organizations are effectively flying blind in one of the most sensitive parts of their infrastructure.”

Red Hat users should look at the mitigation steps in the advisory and implement them ASAP given the impact and the severity of this flaw. To be frank, this flaw is pretty scary and should scare anyone in the Red Hat community.

FEMA Has Apparently Been Pwned… And Pwned Big

Posted in Commentary with tags on October 1, 2025 by itnerd

It is being reported that an unidentified hacker stole sensitive data from Customs and Border Protection and Federal Emergency Management Agency employees in a “widespread” breach this summer that lasted several weeks. 

Ensar Seker, CISO at SOCRadar had this to say:

“This breach targeting both FEMA and Customs and Border Protection highlights the growing risk of lateral movement across interconnected federal systems, especially when regional network segments are left exposed. A compromise that lasted “several weeks” without detection suggests not just a failure of preventive security controls, but likely gaps in real-time monitoring and behavioral anomaly detection.

The fact that the attacker gained deep access to a FEMA environment that supports critical emergency operations across several states is particularly alarming. This isn’t just a data breach; it’s a breach of trust in systems that Americans rely on during disasters. If the attacker maintained persistence long enough to pivot laterally, they could have exfiltrated sensitive employee PII, internal operational planning data, and potentially even response coordination protocols, all of which could be weaponized in future incidents.

What makes this more concerning is that no threat actor has been named yet. The longer attribution remains unclear, the greater the uncertainty for federal employees, partners, and the public. The incident underscores the urgency for agencies like DHS to implement more robust Zero Trust architectures, extend attack surface visibility into traditionally siloed regional environments, and continuously audit access paths, especially for hybrid or legacy systems.

We’re seeing a rise in state-linked threat actors exploiting weakly segmented infrastructure and federated identities across agencies. This breach is a textbook case of why cybersecurity shouldn’t be managed in operational silos. For federal agencies, the stakes aren’t just reputational or financial. They’re national security.”

Paul Bischoff, Consumer Privacy Advocate at Comparitech, had this to say:

“A breach that lasts several weeks usually implies that DHS failed to properly secure the data. If the data was left exposed to the internet for that long, then any number of hackers could have found and stolen it in that time. I surmise that hackers exploited the CitrixBleed vulnerability in an unpatched version of the Citrix NetScaler software, which is used for VPNs and other network gateways. CISA, which is also run by the federal government, issued guidance on how to avoid CitrixBleed in 2023. 

The big questions we should be asking now are whether it’s possible that more than one unauthorized party accessed the data, whether any of them were state-sponsored or political actors, and what data was stolen.”

This is not just bad. It’s insanely bad. The fact that the threat actor was running around for weeks inside a government network should not be a thing. Yet here we are talking about it. This shows that there needs to be a big shake up when it comes to cybersecurity in the US government.

Apps Putting Your Privacy Most at Risk: Revealed By Elevate

Posted in Commentary with tags on October 1, 2025 by itnerd

While 65% of adults worldwide have at least one social media account, fewer than 15% understand how their personal data is collected, stored, or protected by these platforms. A new study by cloud network provider Elevate analyzed major apps to identify which ones are putting users’ privacy in the most danger.

The research evaluated each platform using multiple security indicators: confirmed breach incidents, total number of users affected, data sharing policies with third parties, and the number of permissions each app requests from users. Apps were ranked primarily by the total number of users whose data was exposed in confirmed breaches.

Here’s a look at the apps with the worst data breach records:

App          Number of Confirmed Breaches   Total Users Affected   Permissions Requested
Facebook     5                              ~1.4 billion           85
Weibo        1                              ~538 million           107
X (Twitter)  2                              ~200 million           50
Pinterest    1                              ~70 million            29
Telegram     2                              ~57 million            21
ChatGPT      0*                             ~20 million            0

*Although there are no confirmed breaches, ChatGPT reportedly experienced a data leak in 2025.

You can access the complete research findings here.

Facebook ranks first as the platform with the worst data security record. With 3.07B users worldwide, the social media platform has experienced five separate confirmed breaches that collectively exposed data from an estimated 1.4B user accounts. Facebook also demands 85 different permissions from users’ devices and freely shares data with third parties, creating multiple security vulnerabilities.

Weibo takes second place in privacy risks. The Chinese social network suffered a data leak only once, although it affected 538M users, nearly its entire user base of 599M. Weibo also requests a high number of permissions at 107, significantly more than any other platform studied.

X, formerly known as Twitter, has faced data security problems too. The platform experienced two separate breaches that compromised data from roughly 200M accounts, a large portion of its 586M users. Unlike Weibo’s high permission demands, X asks for about 50 app permissions. Still, its policy of sharing user data with third parties may be leaving users vulnerable beyond the breaches themselves.

Pinterest comes in fourth place for data safety risks. The image-sharing platform experienced a single breach affecting 70M users out of its 537 million user base. While Pinterest requests only 29 permissions, it still shares user data with third parties, increasing potential security risks.

Telegram lands in fifth despite its privacy-focused reputation. The app collects 21 permissions and only shares data with third parties when users give consent. However, even with these lighter demands, Telegram has still seen two breaches that exposed around 57M users.

ChatGPT is ranked in sixth position. While not experiencing a confirmed breach, the AI chatbot reportedly had an information leak earlier this year. The incident allegedly resulted in 20M of its accounts being compromised.

Quorum Cyber Announces That It Is A Participant In The Microsoft Sentinel Partner Ecosystem

Posted in Commentary with tags on October 1, 2025 by itnerd

Quorum Cyber, a proactive, threat-led cybersecurity company founded to help organizations defend themselves in an increasingly hostile digital landscape, today announced its inclusion in the Microsoft Sentinel partner ecosystem. Quorum Cyber was selected based on its proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting-edge functionality, and close relationship with Microsoft. 

Quorum Cyber is working with Microsoft product teams to shape Sentinel product development, including validation of new scenarios, feedback on product operations, and API extensibility – while also extending Sentinel’s capabilities as part of the partner ecosystem. By creating solutions such as connectors, analytics, playbooks, hunting queries, Jupyter notebook jobs, and Security Copilot agents that leverage Sentinel’s open architecture and advanced analytics, Quorum Cyber is helping make innovation accessible to customers worldwide through the Microsoft Security Store. 

Microsoft Sentinel is evolving beyond its traditional role as a SIEM to also be an AI-ready platform – equipping defenders with unified security data, intelligent reasoning tools to help agents interpret data, and enriched context through graph-powered visibility. By bringing all these features together, Microsoft Sentinel now provides a scalable backbone for modern defense.

The Microsoft Security Store is setting a new benchmark for cybersecurity procurement and deployment. By centralizing a wide range of security solutions and AI agents—organizations can now streamline how they discover, acquire, and operationalize advanced security technologies. With features like industry framework alignment, simplified billing, and guided deployment, the Security Store helps security teams reduce complexity, accelerate adoption, and maximize the value of their security investment.

Kyndryl announces advanced agentic AI capabilities that enable customers to scale AI across their businesses

Posted in Commentary with tags on October 1, 2025 by itnerd

Kyndryl today unveiled capabilities that augment the Kyndryl Agentic AI Framework and accelerate AI adoption at scale across industries. The enhancements incorporate a unique design process and an innovative engagement methodology. This enables customers to break free from limited proof-of-concept AI projects to scale real-world AI-native solutions that boost efficiency and drive business outcomes.

The company is deploying forward engineers, capabilities and intellectual property to drive rapid adoption of the expanded Agentic AI Framework with customers, leveraging differentiated methodologies through Kyndryl Vital. By co-creating customized projects that minimize time between design and deployment, Kyndryl is speeding time to value for organizations in government, banking, insurance, manufacturing and other industries.

Backed by an infrastructure-first mindset and decades of experience running mission-critical systems, Kyndryl has a proven track record of implementing AI-native workflows at scale. This foundation uniquely positions the company to deliver the step change that customers need to deploy an enterprise-grade framework with intelligent AI agents that dynamically learn, evolve, and turn insights into measurable outcomes.

In fact, Kyndryl is already seeing that a quarter of its signings contain AI-related content, including data architecture, cloud and digital workplace services.

The company is also collaborating with its global alliance partners to create joint solutions across the ecosystem that enable customers to embrace Kyndryl’s Agentic AI Framework and efficiently blend AI into their core business operations. In addition, Kyndryl is partnering with several universities globally to engage their researchers and students with a focus on educating and fostering the next generation of skilled AI professionals.

At the core of the Kyndryl Agentic AI Framework is the advanced capability that orchestrates, secures and scales a customer’s technology footprint into agentic AI workflows. This is strengthened by input from Kyndryl’s agentic ingestion capability, which extracts and analyzes the customer’s code, policies, data interdependencies, business goals and insights – including from Kyndryl Bridge. The Kyndryl Agentic AI Framework is secure-by-design, with guardian concepts – enabling autonomous, transparent and compliant operations.

The core capability helps customers deliver an agentic system with a future workforce model, including defined roles agents will play in an organization and how they will work with employees. Kyndryl’s experts use the model to identify the professional roles people will play and the skills required to deliver business outcomes in partnership with their agent counterparts.

Harnessing the model, Kyndryl’s agent builder uses the company’s industry and domain reference architectures and catalog of AI agents and agentic workflows to help make it easier for enterprises to design, test and deploy AI agents that perform tasks such as writing code, running tests, or automating complex processes. The agent builder also creates and deploys agents in harmony with compliance standards and security protocols, while ensuring they are ready for mission-critical use.

Kyndryl is furthering adoption of its Agentic AI Framework across industries by:

  • Working with insurance industry customers on an agentic AI-enabled actuarial solution that creates and embeds AI agents to deliver an end-to-end intelligent, automated workflow. The agents dynamically generate regulatory filings, support proactive regulatory compliance checks and deliver insights to drive real-time analysis and decision-making.
  • Developing and deploying AI agents that connect and streamline government processes spanning multiple departments, from tax and licensing to immigration and government benefits. The solution incorporates knowledge of policies and procedures, works alongside civil servants, and proactively acts to serve the needs of citizens, businesses and government employees.
  • Collaborating with a banking customer to streamline and automate an intensive manual client onboarding process that involves application submission, review, validation and vetting with external parties. Using intelligent AI agents embedded within all stages of the process, the Framework is enabling the customer to streamline and accelerate onboarding time, while enhancing the overall customer experience.

Learn more about Kyndryl’s expanded and enhanced approach to enabling customer adoption of agentic AI.